This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/00c3ab-4a7f-4f74-b556-a488bd42024f/1/CuUAOM3pjrN3d0F0APkDtaVvpHM.roa
File:                     CuUAOM3pjrN3d0F0APkDtaVvpHM.roa (raw, json)
Hash identifier:          eiY3J8QrRp0zqp3xtrky5SwvSLri27JliWRYhjKISyA=
Subject key identifier:   0A:E5:00:38:CD:E9:8E:B3:77:77:41:74:00:F9:03:B5:A5:6F:A4:73
Certificate issuer:       /CN=9588d8b4c7aa45a9b2cd737c614871eb7181babe
Certificate serial:       019B12BDD668BAAF49C058813DE6BD486A54
Authority key identifier: 95:88:D8:B4:C7:AA:45:A9:B2:CD:73:7C:61:48:71:EB:71:81:BA:BE
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/lYjYtMeqRamyzXN8YUhx63GBur4.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/75/00c3ab-4a7f-4f74-b556-a488bd42024f/1/CuUAOM3pjrN3d0F0APkDtaVvpHM.roa
Signing time:             Fri 12 Dec 2025 13:26:29 +0000
ROA not before:           Fri 12 Dec 2025 13:26:29 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     208173
IP address blocks:        185.187.51.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/75/00c3ab-4a7f-4f74-b556-a488bd42024f/1/lYjYtMeqRamyzXN8YUhx63GBur4.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/75/00c3ab-4a7f-4f74-b556-a488bd42024f/1/lYjYtMeqRamyzXN8YUhx63GBur4.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/lYjYtMeqRamyzXN8YUhx63GBur4.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Sat 27 Dec 2025 15:00:29 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:12:bd:d6:68:ba:af:49:c0:58:81:3d:e6:bd:48:6a:54
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=9588d8b4c7aa45a9b2cd737c614871eb7181babe
        Validity
            Not Before: Dec 12 13:26:29 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=0ae50038cde98eb37777417400f903b5a56fa473
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:ab:0e:f4:d8:98:be:6a:48:e4:c6:3b:4b:fb:b4:
                    28:60:27:71:a2:4c:47:52:ae:eb:08:c4:a2:64:5b:
                    6c:90:2b:fb:87:4b:d1:b3:3f:79:b8:d6:00:1d:61:
                    9c:08:9f:33:eb:7b:c4:8b:f7:46:42:42:6a:a8:e2:
                    7e:9e:4c:12:1b:60:a3:e0:44:d7:86:c2:50:90:b7:
                    bd:de:09:f9:30:e4:09:63:b0:0e:90:bc:d5:d0:5f:
                    cf:e4:b5:b1:a2:6a:97:6e:32:13:df:40:68:f8:47:
                    07:fa:d4:b1:2d:b0:e9:0a:2d:16:fc:f0:a9:67:38:
                    13:a0:e0:51:77:d0:34:70:5b:d0:6a:1f:04:f9:15:
                    a1:51:a3:c3:08:8a:d9:58:31:18:29:da:d8:07:1e:
                    30:84:74:cd:d5:ac:c8:25:dd:b7:d3:81:0b:71:59:
                    35:11:6b:1d:e4:b1:ef:df:6b:64:d8:d7:e2:d9:9d:
                    2f:37:ec:91:f6:21:d7:b0:96:e2:40:05:c0:1a:eb:
                    ff:16:8d:38:be:79:4f:31:f5:07:70:3c:86:66:b3:
                    62:7a:af:f5:44:b9:ea:37:78:32:a1:07:e6:e4:ba:
                    a1:61:03:95:dd:df:75:9f:55:cd:cd:82:99:ae:fa:
                    4f:56:aa:07:1d:a7:1e:13:31:7a:85:d6:9f:0e:18:
                    d3:49
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                0A:E5:00:38:CD:E9:8E:B3:77:77:41:74:00:F9:03:B5:A5:6F:A4:73
            X509v3 Authority Key Identifier:
                keyid:95:88:D8:B4:C7:AA:45:A9:B2:CD:73:7C:61:48:71:EB:71:81:BA:BE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lYjYtMeqRamyzXN8YUhx63GBur4.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/00c3ab-4a7f-4f74-b556-a488bd42024f/1/CuUAOM3pjrN3d0F0APkDtaVvpHM.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/75/00c3ab-4a7f-4f74-b556-a488bd42024f/1/lYjYtMeqRamyzXN8YUhx63GBur4.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  185.187.51.0/24

    Signature Algorithm: sha256WithRSAEncryption
         25:f1:c5:f6:2b:7a:d0:e5:f2:ff:8c:a3:b6:6b:ca:ff:a5:45:
         23:e5:d2:ca:cc:49:ac:f6:67:04:8b:df:4a:06:1a:a0:87:66:
         19:5f:f9:3c:fa:fb:bc:09:b4:f3:3b:f8:8c:40:fe:16:e0:f9:
         38:40:f4:1a:74:ee:77:c2:45:31:6a:d8:5e:56:ec:03:30:a2:
         bc:74:16:cf:3a:62:ca:44:d2:2b:36:37:fe:a3:09:0e:1d:fc:
         87:84:12:9c:79:92:88:56:c0:b5:cd:13:40:9e:d0:ce:24:76:
         19:84:53:cd:34:9d:cc:27:41:2d:7c:30:4f:43:f5:e3:a4:54:
         9a:53:bd:bd:23:ab:6f:68:64:33:55:d3:ec:fd:37:6c:53:01:
         ba:38:c6:c0:d1:a0:6f:ae:00:d3:76:b1:1c:d0:48:07:60:3e:
         0a:cb:47:56:1f:c5:16:cc:3f:a1:54:a2:4b:e3:45:a2:a6:5c:
         8d:e3:19:27:86:6e:cf:40:27:df:70:3f:ff:d9:3b:97:49:d6:
         98:0d:21:48:34:7f:85:2d:ea:70:69:60:2f:ce:0a:ce:99:ce:
         7f:b2:5e:88:ab:1f:c8:72:65:41:da:73:25:61:b4:45:c0:20:
         10:09:00:d3:87:40:84:93:f7:33:28:42:8d:2c:86:ab:d3:3c:
         ed:31:b7:34
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZsSvdZouq9JwFiBPea9SGpUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1ODhkOGI0YzdhYTQ1YTliMmNkNzM3YzYxNDg3MWViNzE4
MWJhYmUwHhcNMjUxMjEyMTMyNjI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWU1MDAzOGNkZTk4ZWIzNzc3NzQxNzQwMGY5MDNiNWE1NmZhNDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqw702Ji+akjkxjtL+7QoYCdxokxH
Uq7rCMSiZFtskCv7h0vRsz95uNYAHWGcCJ8z63vEi/dGQkJqqOJ+nkwSG2Cj4ETX
hsJQkLe93gn5MOQJY7AOkLzV0F/P5LWxomqXbjIT30Bo+EcH+tSxLbDpCi0W/PCp
ZzgToOBRd9A0cFvQah8E+RWhUaPDCIrZWDEYKdrYBx4whHTN1azIJd2304ELcVk1
EWsd5LHv32tk2Nfi2Z0vN+yR9iHXsJbiQAXAGuv/Fo04vnlPMfUHcDyGZrNieq/1
RLnqN3gyoQfm5LqhYQOV3d91n1XNzYKZrvpPVqoHHaceEzF6hdafDhjTSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFArlADjN6Y6zd3dBdAD5A7Wlb6RzMB8GA1UdIwQY
MBaAFJWI2LTHqkWpss1zfGFIcetxgbq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFlqWXRNZXFSYW15elhOOFlVaHg2M0dCdXI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS8wMGMzYWItNGE3Zi00Zjc0LWI1NTYt
YTQ4OGJkNDIwMjRmLzEvQ3VVQU9NM3Bqck4zZDBGMEFQa0R0YVZ2cEhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS8wMGMzYWItNGE3Zi00Zjc0LWI1NTYtYTQ4OGJkNDIwMjRm
LzEvbFlqWXRNZXFSYW15elhOOFlVaHg2M0dCdXI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAubszMA0G
CSqGSIb3DQEBCwUAA4IBAQAl8cX2K3rQ5fL/jKO2a8r/pUUj5dLKzEms9mcEi99K
Bhqgh2YZX/k8+vu8CbTzO/iMQP4W4Pk4QPQadO53wkUxatheVuwDMKK8dBbPOmLK
RNIrNjf+owkOHfyHhBKceZKIVsC1zRNAntDOJHYZhFPNNJ3MJ0EtfDBPQ/XjpFSa
U729I6tvaGQzVdPs/TdsUwG6OMbA0aBvrgDTdrEc0EgHYD4Ky0dWH8UWzD+hVKJL
40WiplyN4xknhm7PQCffcD//2TuXSdaYDSFINH+FLepwaWAvzgrOmc5/sl6Iqx/I
cmVB2nMlYbRFwCAQCQDTh0CEk/czKEKNLIar0zztMbc0
-----END CERTIFICATE-----